As our world becomes increasingly connected, and the use of technologies for business processes quickly become commonplace, securing ourselves from cyber security threats can become as important to our business as protecting our physical premises.
The recently released Telstra Cyber Security Report 2016 found that incidents of ransomware and phishing emails continue to rise in Australia – with phishing emails rising by 29 per cent in 2015.
The increase of malware threats means that every single member of your staff needs to be aware of the potential and emerging cyber security threats that could target your business.
It isn’t just data theft that can cause harm to Aussie businesses, according to Craig Joyce Telstra’s Director of Security Practice “brand damage as the result of a breach is enough to seriously impact smaller businesses and their viability in the market.”
All businesses, big or small need to be aware of potential security threats. However these terms and their implications are still unfamiliar to the majority of us. What exactly is malware? And what do phishing emails mean for your business? We’ll go through the terms and threats you need to be aware of in order to make sure your business is taking all the right precautions.
Malware is software that attacks a computer or your server in order to spy, take data or take control of your machine. Hosted malware is on the rise in Australia, and it shows no sign of slowing down. This trend for hacking has developed to such an extent that a whole cottage industry for creation of malware has been established.
But how does this affect your business? Well, there are a few different types of malware, but if your business utilises Adobe Flash, then you could be at risk of an attack from ‘Angler’ – a fast-growing type of malware that targets vulnerabilities in Adobe Flash files. Telstra’s report highlights that the growth of this type of cyber threat can be attributed to the growth in mobile commerce trade on smartphones and tablets, where shoppers use mobile optimised websites and applications in order to carry out transactions.
Ransomware is a type of malware that locks down your computer, server or files for ransom. Some forms of ransomware will demand businesses to pay a ransom within limited time frames, such as 48 hours. According to Telstra’s report, the Websense ThreatSeeker Network detected 1.05 million attacks from a ransomware called CryptoLocker globally and, crucially, 60% of these attacks were detected in Australia. The total amount of money lost due to ransomware and malware incidents in Australia in 2014 was estimated at an astonishing $1,228,2822. This means that businesses in Australia need to be more vigilant than ever when it comes to protecting our cyber assets.
According to Craig Joyce, phishing is “the fastest growing method of malware in Australia [and] there were over a million identified sources of Malware in Australia in the past 12 months”.
Phishing is an attempt to acquire sensitive information by way of masquerading as trustworthy electronic sources. In other words, the email that looks like it comes from a contact or colleague or from your Paypal account, could actually be an attempt to infiltrate your business. Telstra’s report revealed that phishing attacks have increased by 29 per cent in 2015, compared to 2014.
What’s difficult to control in this scenario is the fact that it only takes one member of staff to click a malicious link or open an infected attachment in order for infection to travel through your business.
Protect your business
Whether it’s malware attacks or phishing campaigns, there are steps your business can take to protect against these cyber security threats. Familiarisation is key. Getting to know your threats and accepting that this is as real an issue for your business as any other factor – profit, loss, premises – is vital. When it comes to business protocols, here are some precautions to take to ensure your business’ safety.
5 Practical steps to protect against cyber attacks
- Keep up-to-date backups of all your data on devices and servers
- Limit or restrict access to rights on computers where not needed
- Create backups that are not connected to the local network, so that they cannot be encrypted
- Block unwanted applications originating from your network – users could download encrypted malware accidentally
- Ensure you have end point protection, such as McAfee or Symantec from Telstra, available on the Apps Marketplace
Perhaps most vital of all is educating your whole team on the matter of cyber security. Conduct sessions on the terms and what attacks can mean for your business, and test your staff periodically in order to make sure they stay aware of the potential threats. Knowledge is power in the realms of cyber security, and only as a team can your business best protect itself.